Our Next Joint Meeting with the Baltimore SIGAda Chapter
is scheduled for
Tuesday, 27 April 2004 at 7:30 P.M.
[Note: rescheduled from Tuesday, 13 April 2004 due to unavailability of the room]
Currie Colket of The MITRE Corporation
will be speaking on
Code Analysis for Quality in High Integrity Systems
at the Baltimore SIGAda Venue
(Johns Hopkins University/Applied Physics Laboratory in Laurel, Maryland)
The presentation will start at 7:30 P.M. (Refreshments and Social at 7:00 P.M.) at the Johns Hopkins University/Applied Physics Laboratory in Laurel, Maryland
Munchies and soft drinks will be served at 7:00 PM; the general meeting will start at 7:30 PM, followed by the program.
High Integrity Systems are those where a failure will result in loss of life or significant loss of something of value to the organization. Such systems are typically referred to as safety-critical systems, security-critical systems, business-critical systems, or even socially-critical systems. These high integrity systems must be shown to be fully predictable in operation and to have all the properties required of them. To show this, conventional testing must be augmented by analyzing the software.
A variety of standards have emerged for many high-integrity domains such as airborne civil avionics, nuclear power plants, medical systems, pharmaceutical, defense, ground rail, security, automotive, and space. From these standards, four common approaches may be elicited to support the verification of software: traceability, reviews, analysis, and testing. This presentation focuses on the analysis aspects of software verification, and more precisely on what is referred to as “static analysis” or “code analysis”. Static analysis is commonly referred to as code analysis because the analysis is performed statically on the source code, whereas dynamic analysis is performed while executing the executable code, hence “dynamic analysis”. Dynamic analysis is more properly considered to be the fourth part of verification: testing.
An emerging role of code analysis is in information assurance and the building of assurance cases. An assurance case might have a Claim that the “software is of high quality”. An Argument to support that claim might be that “Static Analysis has identified no errors”. Evidence for this argument might be a variety of automated analyses that detected no errors.
Some of the key methods of code analysis will be discussed. Most of these lend themselves nicely to automatic code analysis and the building of assurance cases. Some of these can support prescribed quality requirements. Of high importance, static code analysis can detect anomalies within the application that are otherwise almost impossible to detect, yet can cause serious or even fatal software crashes. Code analysis can also be used to address design concerns, conformance to project coding/quality standards, performance issues, and maintenance issues. There is at least one ISO standard that supports automatic code analysis based on both syntactic and semantic code analysis. A number of commercial tools are available. Experiences using some of these code analysis tools will be discussed.
Mr. Colket is currently a software systems engineer for MITRE. His current tasks involve software engineering support for a variety of programs. He performed code analysis for an avionics platform and an amphibious platform. He chaired the ISO Rapporteur Group responsible for the ISO standard supporting code analysis. Mr. Currie Colket is the Chair of ACM SIGAda, the Chair of the SIGAda Ada Semantic Working Group, and Chair of the ISO WG9 ASIS Rapporteur Group. He recently retired from the DoD where he served in the Air Force as an Airborne Surveillance Officer on AWACS, the Navy Deputy Director for the Ada Joint Program Office (AJPO), and a computer scientist for the United States Navy. Prior to his affiliation with MITRE, he was a consultant for the Software Program Manager's Network (SPMN). He has a Bachelor of Science from Case Institute of Technology, a Master of Business Administration from the University of Southern Mississippi and a Master of Science in Computer Science from the Ohio State University.
Detailed Directions and Maps are available at: http://www.acm.org/sigada/locals/dc/Directions_JHU_APL.html
At the DC SIGAda meeting on 11 March 2004, Scott Ankrum gave an excellent presentation titled "Assurance Frameworks". Slides from his presentation are available online as a PowerPoint presentation at http://www.acm.org/sigada/locals/dc/200403_Ankrum_Assurance_Case.ppt (ppt, 387KB).
Please provide suggestions on the Web site and its contents. We are particularly interested in ways the DC SIGAda Home Page can serve you better.
Consider subscribing to our e-mail list. Simply send an email to:
with the body containing:
subscribe SIGAda-DC Your Name
To be removed from the list, send an email request to:
with the body containing:
Please forward this message to people who might be interested in attending. We welcome all new members as our attendance and interests grow.
Many thanks to all earlier participants, contributors, speakers, advisors, and friends, who are involved in helping to produce and attend the meetings.
Jeff Castellow, Chair, DC SIGAda
If you have comments or suggestions,
email the DC SIGAda Webmaster
updated 26 April 2004